Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 41: FEDORA-2024-ddb5f7c0a3 critical: moodle XSS & DoS Risks

fedora
Calendar Grey December 27, 2024
Dist Fedora Esm H88
Enhancements for Moodle in Fedora 41 encompass various CVE resolutions aimed at addressing security vulnerabilities. Comprehensive installation instructions are included.
Multiple CVE fixes.

Summary

Moodle is a course management system (CMS) - a free, Open Source software

package designed using sound pedagogical principles, to help educators create

effective online learning communities.

Update Information:

Multiple CVE fixes.

Topics%20covered

Topics Covered

security advisory denial of service Fedora XSS security fix online learning moodle

Change Log

* Tue Dec 17 2024 Gwyn Ciesla - 4.4.5-1 - 4.4.5

References


[ 1 ] Bug #2332796 - CVE-2024-55648 moodle: Potential denial of service risk due to guest sessions' longer timeout period [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2332796 [ 2 ] Bug #2332812 - CVE-2024-55647 moodle: Reflected XSS in question bank filter [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2332812 [ 3 ] Bug #2332814 - CVE-2024-55646 moodle: Database activity issue in separate groups mode, for users not in a group [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2332814 [ 4 ] Bug #2332824 - CVE-2024-55645 moodle: Email change confirmation token available via preference [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2332824 [ 5 ] Bug #2332826 - CVE-2024-55644 moodle: Tag index page displays other users tagged with the selected tag [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2332826 [ 6 ] Bug #2332828 - CVE-2024-55643 moodle: Unprotected access to sensitive informa...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-ddb5f7c0a3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: moodle
Product: Fedora 41
Version: 4.4.5
Release: 1.fc41
URL: https://moodle.org/
Summary: A Course Management System

Topics%20covered

Topics Covered

security advisory denial of service Fedora XSS security fix online learning moodle

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here